Configure the Decision Mappings ENTERPRISE
First, you must find one of the authz decisions and locate the path to the allow field in its JSON output.
In the DAS decision log, the last three decisions appear at the bottom in the following order:
- display.
- pull.
- authz.
The authz decision is the last one.
Click on the authz decision expand/collapse arrow to view its JSON output, as shown below.
{
"path": "rules/authz",
"policy_type": "rules",
"reason": {
"value": "[]"
},
"received": "2020-06-05T15:52:41.722Z",
"requested_by": "172.18.0.4:57546",
"result": {
"allow": true,
"errors": []
},
"system_id": "c070dcb2e1c24ec4a247a0d1540c2701",
"system_type": "custom",
"timestamp": "2020-06-05T15:52:32.686Z"
}
The authz decision should be treated as an Allow or Deny decision. The field within the decision log entry that indicates Allow or Deny is result.allow, shown below. If result.allow is true, the decision is Allowed; otherwise, it is Denied.
"result": {
"allow": true,
"errors": []
}
You can now configure the Decision Mappings for your Custom system so that the DAS knows which ones are Allowed or Denied decisions.
Click on the Settings tab >> Decision Mappings page.
In the Decision Mappings page, for the Path to decision and Path to message properties, enter the following values:
- Path to decision:
result.allow - Path to message:
result.errors
Click the Save changes button.
You can also use the Copy JSON path action to copy path references from a decision and paste it into a Decision Mappings path field.